- Technology

Does Texting Patient Information Violate HIPAA?

Today, texting has become the normal mode of communication both for the personal message as well as for business purposes. A study found that 63% of people would prefer to do business with any company that can offer communication through text messages only. 

Therefore, looking at the popularity of text various messages, now many healthcare organizations have started debating whether their communications should be done through texting. Texting can after all be a quite quick way of communication. However, in doing so, there is one concern that is holding organizations back and that is – data safety.     

Though text messages are considered secure, however, any texting done by healthcare organizations must be more than secure. All text messaging must be HIPAA compliant. So, we need to know whether these standard text messages can be considered HIPAA texting and meet the legal requirements of HIPAA.       

When texting is considered as HIPAA compliant?

The latest ruling to the Health Insurance Portability and Accountability Act 1996 has acknowledged that various changes in technology have resulted in many workplace practices and private health information is also commonly communicated and accessed by using mobile devices e.g. smartphones, cell phones, etc.

The chances of data getting compromised in the workplaces of public access will be greater when individuals will use public Wi-Fi or any other open cell phone network. Hence, there can also be a risk that certain private health information may get compromised if a mobile device gets stolen, sold, or lost. 

Texting can only be HIPAA compliant if the following conditions are satisfied:

  • When those organizations responsible for maintaining private health information have got the processes and procedures to restrict the accessing of any private health information and also control over their use.
  • When any periodic risk assessments will be conducted for identifying any threat to the confidentiality of sensitive data and procedures of a patient, then it must ensure that no breach will occur.
  • When encryption and protection of physical data are in place for any individuals who will use their mobile devices for communicating any private health information or for accessing sensitive patient data during their course of work.
  • When policies are available to cover the various scenarios when mobile devices may get lost or stolen, or in case the owner wishes to sell their mobile phones so that any private health information can easily be deleted remotely.
  • When a system is available to ensure that all private health information will not be stored on the available local storage facility of any mobile devices used by the employees and sub-contractors.

By developing certain new messaging habits, one can keep the patient data secure while texting any healthcare-related messages. It is necessary to ensure that every communication channel that is going to be used for sending any health-related messages must be secure and HIPAA compliant.

There are a few organizations that can help you taking your HIPAA calling a step further. You can use their HIPAA-compliant online forms, where you can gather the entire information of the patient that you need while still remaining fully HIPAA compliant.

About Bradley Raines

Read All Posts By Bradley Raines